CVE-2013-2982

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary files via unspecified vectors.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21640830	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/83997
http://www-01.ibm.com/support/docview.wss?uid=swg21640830	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/83997

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:::::::*
	cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:::::::*
	cpe:2.3:a:ibm:sterling_file_gateway:2.1:::::::*
	cpe:2.3:a:ibm:sterling_file_gateway:2.2:::::::*

History

21 Nov 2024, 01:52

Type	Values Removed	Values Added
References	~~() http://www-01.ibm.com/support/docview.wss?uid=swg21640830 - Vendor Advisory~~	() http://www-01.ibm.com/support/docview.wss?uid=swg21640830 - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/83997 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/83997 -

Information

Published : 2013-07-03 13:54

Updated : 2024-11-21 01:52

NVD link : CVE-2013-2982

Mitre link : CVE-2013-2982

CVE.ORG link : CVE-2013-2982

JSON object : View

Products Affected

ibm

sterling_file_gateway
sterling_b2b_integrator

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-2982", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-03T13:54:31.070", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640830", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83997", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21640830", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83997", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary files via unspecified vectors."}, {"lang": "es", "value": "IBM Sterling B2B Integrator 5.1 y 5.2 y Sterling File Gateway 2.1 y 2.2, permite a usuarios autenticados remotamente subir archivos remotamente a trav\u00e9s de vectores no especificados."}], "lastModified": "2024-11-21T01:52:47.283", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40363692-5283-4D0C-BAE1-C049C02A0294"}, {"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F805BA3A-178D-416E-9DED-4258F71A17C8"}, {"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A40AC14-AC2B-4A0D-A9CC-3A00B48D8975"}, {"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1554D69E-D68E-46CA-B1F7-C24CAABF58E8"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}